WHAT IS CLAIMED IS: 



1. A method for backing up data on a plurality of computers connected via a network, comprising:
forming partnerships between the plurality of computers such that each computer in a partnership commits under agreements to help backup the data of its backup partners;
backing up data in accordance with the agreements; and
periodically verifying that previously backed up data is being retained by the computers committed to act as backup partners in accordance with the agreements.

2. The method of claim 1, further comprising:
selecting potential backup partners from among the plurality of computers based on predetermined criteria.

3. The method of claim 1, further comprising:
negotiating the agreements between the plurality of computers based on predetermined requirements, including backup requirements.

4. The method of claim 1, wherein the plurality of computers can administer a distributed cooperative backing up of data in the absence of central control.

5. The method of claim 1, wherein each time before the data is backed up the data is encoded with an erasure code.

6. The method of claim 1, wherein each time before the data is backed up the data is encoded with an error correction code.

7. The method of claim 1, wherein each time before the data is backed up the data is encrypted.

8. The method of claim 1, wherein each time before the data is backed up the data is encoded with an erasure code and then encrypted, the encoding being for fault tolerance and the encryption being for data security.

9. The method of claim 1, wherein each time before the data is backed up the data is compressed and then encoded with an erasure code.

10. The method of claim 9, wherein the compression is a lossless data compression.

11. The method of claim 1, wherein each time before the data is backed up the data is, in sequence, compressed, encoded with an erasure code and encrypted.

The method of claim 1, wherein each time before the data is backed up the method further comprises, in sequence:
performing data compression;
performing a first data encryption;
performing encoding with an erasure code; and
performing a second data encryption.

The method of claim [illegible], wherein the first encryption is for data security and the second encryption is for preventing freeloading by any of the backup partners, and wherein the encoding is for fault tolerance.




The method of claim 1, further comprising:
restoring data from the previously backed up data.

The method of claim 1, wherein each of the plurality of computers has a storage, the storage being periodically scanned to find data to be backed up and identify data previously backed up that no longer needs to be backed up, the data to be backed up being retrieved from the storage for a next periodic backup.

The method of claim 1, wherein verifying that previously backed up data is retained by the backup partners includes monitoring the backup partners, and for any one of the backup partners being monitored,
selecting a block of data stored at the monitored backup partner,
requesting the block of data from the monitored backup partner, and
receiving from the monitored backup partner and checking the block of data to determine if the block of data represents a corresponding block of previously backed up data.

The method of claim [illegible], wherein the block is selected randomly.

The method of claim [illegible], wherein the block is selected using a protocol to produce a number that corresponds to the selected block.

The method of claim [illegible], wherein the protocol, being performed by any computer of the plurality of computers, includes
sending by the computer to a monitored one of its backup partners a hash value of a first random number,
receiving by the computer from the monitored one of its backup partners a second random number,
sending by the computer to the monitored one of its backup partners the first random number,
computing the number from the first and second random numbers by both the computer and the monitored one of its backup partners.
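The three-message exchange recited in the preceding claim, written out as an added example that is not part of the patent text. SHA-256 as the hash, 32-byte random numbers, and deriving the number as a hash of both values reduced modulo the block count are assumptions; the claim fixes none of them, and the names `Partner`, `block_number` and `run_selection` are hypothetical.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 32  # assumed fixed length, so r1 || r2 splits unambiguously


def commit(r1: bytes) -> bytes:
    """Hash value of the first random number (SHA-256 is an assumption)."""
    return hashlib.sha256(r1).digest()


def block_number(r1: bytes, r2: bytes, num_blocks: int) -> int:
    """Derive the block number from both random numbers (assumed rule)."""
    digest = hashlib.sha256(b"block-select" + r1 + r2).digest()
    return int.from_bytes(digest, "big") % num_blocks


class Partner:
    """Monitored backup partner: stores the hash value, answers with r2."""

    def __init__(self, num_blocks: int):
        self.num_blocks = num_blocks
        self.r2 = secrets.token_bytes(NONCE_LEN)
        self.commitment = b""

    def on_commitment(self, commitment: bytes) -> bytes:
        self.commitment = commitment
        return self.r2

    def on_reveal(self, r1: bytes) -> int:
        # Reject a first number that does not match the earlier hash value;
        # otherwise the monitor could choose r1 after seeing r2.
        ok = len(r1) == NONCE_LEN and hmac.compare_digest(commit(r1), self.commitment)
        if not ok:
            raise ValueError("revealed number does not match the hash value sent first")
        return block_number(r1, self.r2, self.num_blocks)


def run_selection(num_blocks: int) -> tuple[int, int]:
    """Run the three messages; return (monitor's number, partner's number)."""
    r1 = secrets.token_bytes(NONCE_LEN)        # monitor's first random number
    partner = Partner(num_blocks)
    r2 = partner.on_commitment(commit(r1))     # message 1 out, message 2 back
    partner_view = partner.on_reveal(r1)       # message 3
    return block_number(r1, r2, num_blocks), partner_view
```

Because the monitor is bound to its first number before it sees the second, and the partner must send the second before it learns the first, neither side alone controls which block is requested.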

The method of claim 1, further comprising:
selecting another computer connected via the network to be a new backup partner if it is determined that a backup partner has reneged by not retaining the previously backed up data;
negotiating and, if an agreement is reached, forming a partnership with the other computer, accepting the other computer as the new backup partner.






SV/105812.02 
09202000/09:53/18973.50 






PATENT
ATTORNEY DOCKET No. 18973.50 (POO-301 1)

The method of claim 2[illegible], wherein selecting another computer to be the new backup partner includes
determining if there are sufficient backup partners for backing up the data, and
searching for the other computer based on predetermined criteria including one or both of geographic separation and system diversity.

The method of claim [illegible], wherein if after accepting the other computer as the new backup partner it is determined that the backup partners are insufficient in number for backing up the data, the selecting, negotiating and forming backup partnership with yet another computer are repeated, the determining, selecting, negotiating and forming backup partnership being repeated until the number of backup partners is sufficient.

The method of claim 2, wherein selecting computers as potential backup partners includes
determining if there are sufficient backup partners for backing up the data, and
searching for computers based on the predetermined criteria that includes one or both of geographic separation and system diversity.

The method of claim 3, wherein negotiating the agreements includes, for any computer of the plurality of computers,
exchanging queries between the computer and computers selected as its potential backup partners about each such computer's ability to satisfy the predetermined requirements that include one or more of
predictable and suitable time schedule for being on-line,
suitable network bandwidth,
matching backup space requirements, and
backup track record.

The method of claim [illegible], wherein the computer prefers to partner with those of its potential backup partners that satisfy the predetermined requirements.

The method of claim [illegible], wherein the suitable network bandwidth is equal or larger than a predetermined threshold bandwidth and is characterized by an average bandwidth that is larger than the predetermined threshold bandwidth.

The method of claim [illegible], wherein the backup track record includes not reneging on a number of other backup partners that is greater than a predetermined number.

The method of claim 1, wherein each of the backup partners has a recent copy of a list of its backup partners' other backup partners.

The method of claim 1, wherein a user of each of the plurality of computers can obtain a copy of a list containing identifiers and/or identities of the backup partners associated therewith and an encryption key under which the data is encrypted prior to being backed up.

The method of claim 1, wherein the agreements are respectively negotiated between the plurality of computers such that in each partnership each computer commits to avoid making or honoring data restoration requests for a predetermined commitment period that is longer than a grace period, wherein the grace period for a backup partner of a computer starts to run if it is determined that the backup partner has failed to respond to such computer verifying that the backup partner is retaining the previously backed up data or to prove to such computer that it is retaining the previously backed up data, and wherein upon the grace period running out such computer considers the backup partner to have reneged on its agreement.

The method of claim 7, wherein any encryption algorithm can be suitably used for encrypting the data being backed up, including DES (data encryption standard), RC4, RSA or other public-key encryption.

The method of claim 6, wherein the error correction code is a Reed Solomon code.

The method of claim 5, wherein for a low degree of fault tolerance the erasure code is n+1-parity.

The method of claim 7, wherein after the encryption of the data the encrypted data is divided into blocks and cryptographic checksums or digital signature are added to each block before the blocks are sent each to a particular one of the backup partners.

The method of claim 5, wherein the encoding with the erasure code includes
dividing the data being backed up into blocks, and
adding redundancy to each of the blocks producing data objects with actual data portions and redundant data portions, so that each one of the actual data portions and redundant data portions is being backed up at a distinct one of the backup partners.

The method of claim 1, further comprising:
dividing the data being backed up into blocks;
creating a hash value of each of the blocks using a key; and
correspondingly appending the hash values to their blocks before the blocks are each sent to a distinct one of the backup partners.

The method of claim [illegible], wherein the hash values are later used in periodically verifying that the previously backed up data is retained by the backup partners and, if needed, that the previously backed up data being retained is valid and can be used to restore lost data.

The method of claim 3[illegible], wherein the periodic verifying includes
selecting and requesting a particular one of the data blocks that was previously backed up,
retrieving the particular one of the data blocks and its associated hash value,
computing a new hash value from the retrieved particular block using the key, and
comparing the new hash value with the associated hash value to determine if they are equal, equality indicating that the data block is retained by the backup partner and is valid.
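The keyed-hash steps of the three preceding claims (divide into blocks, hash each block under a key, append, later recompute and compare), as an added example that is not part of the patent text. HMAC-SHA256 as the keyed hash and the function names are assumptions; the example also goes one step beyond the claims by including the block's position in the keyed hash, so that a partner cannot answer a request for one block with a different, validly tagged block.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # length of an HMAC-SHA256 value


def _keyed_hash(key: bytes, index: int, block: bytes) -> bytes:
    # The 8-byte block index is an addition beyond the claim text (see lead-in).
    return hmac.new(key, struct.pack(">Q", index) + block, hashlib.sha256).digest()


def tag_blocks(data: bytes, key: bytes, block_size: int) -> list[bytes]:
    """Divide data into blocks and append a keyed hash value to each block."""
    if block_size <= 0:
        raise ValueError("block_size must be positive")
    tagged = []
    for index, offset in enumerate(range(0, len(data), block_size)):
        block = data[offset:offset + block_size]
        tagged.append(block + _keyed_hash(key, index, block))
    return tagged


def verify_block(returned: bytes, key: bytes, index: int):
    """Check a block returned by a backup partner.

    Returns the data portion if the recomputed hash value equals the stored
    one, or None if the block is truncated, altered, or is not block `index`.
    """
    if len(returned) < TAG_LEN:
        return None
    block, stored_hash = returned[:-TAG_LEN], returned[-TAG_LEN:]
    new_hash = _keyed_hash(key, index, block)
    # Constant-time comparison of the new and the associated hash value.
    if hmac.compare_digest(new_hash, stored_hash):
        return block
    return None
```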
Wherein the encoding includes
dividing the data being backed up into groups of m blocks, each of the p groups representing a vector of actual data and the blocks in each of the p groups representing elements of the actual data vector; and
adding redundancy to each actual data vector producing p codewords each being a vector of n=m+[illegible] elements, so that each one of the elements is being backed up at a distinct one of the backup partners.

The method of claim [illegible], wherein the restoring of data from the previously backed up data includes
retrieving blocks of the previously backed up data from the backup partners until sufficient blocks of the previously backed up data are available for decoding,
checking, for each retrieved block of the previously backed up data, if the retrieved block is valid and intact.
decoding all the retrieved blocks of the previously backed up data to reconstruct the data originally backed up.

The method of claim [illegible], wherein the restoring of data from the previously backed up data includes
retrieving previously backed up data from the backup partners until sufficient previously backed up data is available for decoding,
decoding all the retrieved previously backed up data to reconstruct the data originally backed up, and
decrypting the data originally backed up to obtain the actual data.

The method of claim [illegible], wherein the restoring of data from the previously backed up data includes
retrieving previously backed up data from the backup partners until sufficient previously backed up data is available for decoding, and
decrypting, decoding and decompressing all of the retrieved previously backed up data.




The method of claim 1, wherein the data being backed up is file contents.

A distributed cooperative backup system, comprising:
a network; and
a loose confederation of computers connected via the network, a plurality of computers from among the loose confederation of computers being configured for distributed cooperative backing up of data, each computer of the plurality of computers having a storage that can be used for providing reciprocal backup services, and each computer of the plurality of computers respectively having a computer readable medium embodying computer program code configured to cause the computer to
form partnerships between the plurality of computers, each of the partnerships being of computers such that each computer in a partnership commits under agreements to help backup the data of its backup partners;
back up data in accordance with the agreements; and
periodically verify that previously backed up data is being retained by the computers committed to act as backup partners in accordance with the agreements.

The system of claim [illegible], wherein each of the backup partners may leave the system and return to the system at any time.

The system of claim [illegible], wherein [illegible] of freeloading is enforced by the backup partners [illegible] wherein any one of the backup partners may be periodically requested to prove that it is retaining the previously backed up data.




A distributed cooperative backup system, comprising:
a network; and
a loose confederation of computers connected via the network, a plurality of computers from among the loose confederation of computers being configured for distributed cooperative backing up of data and functioning as backup partners, each computer of the plurality of computers having a storage that can be used for providing reciprocal backup services, and each computer of the plurality of computers respectively having a computer readable medium embodying computer program code configured to cause the computer to

select computers as potential backup partners from among the plurality of computers based on predetermined criteria,

negotiate a reciprocal backup partnership agreement between the computer and selected computers based on predetermined requirements, including backup requirements,

form partnerships between the computer and the selected computers, the computer and the selected computers becoming backup partners by agreeing to cooperatively provide backup services to each other so that a distributed cooperative backing up of data can be administered in the absence of central control,

periodically back up data at the backup partners, encoding the data each time before the data is backed up, and

periodically verify that previously backed up data is retained by the backup partners.